example authentication of new units and the encryption of data transmitted between these units. This research provides a new model covering two important aspects of WSN. The first aspect is the creation of the key that will be used for the current session between a pair of nodes. In this step the research introduces intuitionistic fuzzy sets to handle the WSN criteria simultaneously and efficiently, in order to decide the exact key length required depending on the status of the network parameters. The second aspect is the distribution of the key between the units desiring communication. This phase starts by authenticating each entity to the other and to the cluster head; then one unit suggests a key and the other one confirms it. They then start communicating using that key. This phase shows the hybrid cryptography applied, in which the algorithm uses asymmetric encryption for authentication and then symmetric encryption to secure the connection between the two units. The experimental results in this research can also be categorized into two classes. The first class is the key size model, in which the proposed model is compared to ordinary KNN and a fuzzy model for determining the key size. The proposed model shows an overall efficient way of deciding the key size. The second class of experiments is to distribute the intermediate key efficiently; at this point the proposed model shows resilience and efficiency compared to distributing the key

Keyword: KNN, WSN (Wireless sensor network)

1. INTRODUCTION

The study introduces the WSN (wireless sensor network) broadly, covering its meaning and applications. A WSN is not regarded as an ordinary network system; it is considered one of the most essential ways to provide a perfect and secure network service [1]. To assure that, we need to provide certain circumstances and follow conditions that help users access information in the fields of interest of WSN easily, without obstructions or problems. This study also covers encryption (encoding), which is implemented to provide a secure means of transmission and communication, describing its origin, meaning and way of working in addition to its main purpose, which is protecting stored data.

In this research a new model for securing the WSN is proposed. The proposed model is used to secure the creation and transmission of the secret key that is used for temporary communication between a pair of entities. The creation of the temporary key depends on some parameters that are passed to an intuitionistic fuzzy model, which decides the exact number of bits to be used under the current circumstances. After the number of bits is decided, the model starts another phase in which the key is passed to the pair of units that requested communication. The model starts with a communication request from a node to the Cluster Head (CH). The CH authenticates each unit to the other, then the session key is created and passed between the two units for a certain amount of time decided by the CH according to the intuitionistic fuzzy model [2].

A WSN is a type of network that is based on ad-hoc technology but provides a more adequate and stable infrastructure. WSN has many applications in both military and civilian environments. Security in WSN is attracting many researchers since attacks occur frequently. These attacks require continuous development of defense systems to face them. Intuitionistic fuzzy sets provide very flexible and strong methods for decision making within a rapidly changing environment like WSN. The rest of this section provides insights on WSN, key distribution, cryptography and intuitionistic fuzzy sets. Those are the topics around which this research revolves.


1.1. WSNs 

A wireless sensor network (WSN) is a wireless network consisting of spatially distributed autonomous devices that use sensors to provide the ability to control environmental conditions. A WSN system incorporates a gateway that provides wireless connectivity back to the wired world and distributed nodes. The wireless protocol chosen depends on the application's needs and requirements [3].

Applications of WSN: Engineers create WSN applications for areas including health care, utilities, surveillance and remote monitoring. In health care, wireless devices make patient monitoring less invasive [4]. For utilities such as the electricity grid, streetlights and municipal water, wireless sensors give a lower-cost way of collecting system health data to decrease energy usage and better manage resources. Remote monitoring and control covers a wide range of applications, including cases where wireless systems can complement wired systems by decreasing wiring costs and allowing many new types of measurement applications. Remote monitoring and surveillance applications include:

a. Industrial large machine monitoring, saving human life from danger

b. Structural monitoring for large buildings and bridges

c. Environmental monitoring and assessment of air, soil, and water [5]

d. Process monitoring for watching over the steps involved in automated processes without human intervention

e. Tracking of important objects

Wireless technology gives many advantages that help users build wired and wireless systems and take advantage of the best technology for their applications.


1.2. Components of a WSN Node 

A WSN node has several technical components, including the radio, battery, microcontroller, sensor interface and analog circuit. When WSN technology is used, the trade-offs among those components must be kept in mind. In systems that are mainly battery-powered, more frequent radio use and higher radio data rates imply more power consumption. Usually two to three years of battery life is required, so most WSN systems today are built on ZigBee because of its low power consumption. Because battery life and power management technology are evolving, and because of the bandwidth available with IEEE 802.11, Wi-Fi will be an interesting technology [6].

Figure 1. General form of WSN

The other technology requirement in WSN architecture is the battery itself. In addition to the long life required, the size and weight of batteries must be considered, as well as existing international standards for shipping batteries and battery availability. The low cost and wide availability of carbon zinc and alkaline batteries make them a common choice.

To extend battery life, a WSN node repeatedly wakes up and transmits data by powering on the radio and then powering it back off to save energy. WSN radio technology must transmit a signal efficiently and allow the system to go back to sleep with low power use. This means the processor must also be able to power up, wake and return to sleep mode efficiently. The direction of WSN microprocessors is to reduce power consumption while maintaining or increasing processor speed. As with the radio choice, the trade-off between processing speed and power consumption is a key concern when selecting WSN processors [7]. This makes processors of the x86 architecture family a very hard option for any battery-powered unit.

The rest of this paper is organized as follows: section one provides the literature review and preliminaries for the technologies and methods used in this research; section two provides the introduced model for securing WSNs; the experimental results of this research are illustrated in section three; finally, the conclusions drawn from this research are given in section four.


2. RESEARCH METHOD 
2.1. Intuitionistic Fuzzy Sets 

Intuitionistic fuzzy sets (IFS), introduced by Atanassov, are considered a powerful tool for dealing with vagueness. A prominent characteristic of an IFS is that it assigns to each element a membership degree and a non-membership degree; thus the IFS is an advancement and extension of Zadeh's fuzzy set, which assigns only a membership degree to each element [8]. Many authors have paid attention to the applications of IFS theory. Those applications and theories have been successfully applied in different fields such as logic programming [9], medical diagnosis, decision making problems, etc. Recently various applications of IFS to clustering and classification in artificial intelligence have appeared; for example intuitionistic fuzzy neural networks (IFNN), intuitionistic fuzzy expert systems (IFES), intuitionistic fuzzy machine learning (IFML) [9], intuitionistic fuzzy decision making (IFDM), intuitionistic fuzzy semantic representations (IFSR), etc.

Intuitionistic fuzzy sets:

Let a set $E$ be fixed. An IFS $A^*$ in $E$ is an object having the form

$$A^* = \{\langle x, \mu_A(x), \nu_A(x)\rangle \mid x \in E\},$$

where the functions $\mu_A(x): E \to [0, 1]$ and $\nu_A(x): E \to [0, 1]$ define the degree of membership and the degree of non-membership, respectively, of the element $x \in E$ to the set $A$, which is a subset of $E$ (for simplicity we shall write $A$ instead of $A^*$ below), and for every $x \in E$: $0 \le \mu_A(x) + \nu_A(x) \le 1$.

Figure 2. Space Allocation of IFS


2.1.1. Intuitionistic Fuzzy Sets (IFS) Model 

To provide the accurate size of the intermediate encryption key, the algorithm must keep track of the rapidly changing parameters in the WSN. The expected level of security depends mainly on the difficulty of breaking the secret key between each pair of communicating devices.

The crucial step in the proposed model is the design of the IFS function that produces the actual size of the session key (intermediate encryption key) by processing the given parameters. This process handles five variables: Nodes Count (NC), Node Log (NL), Trusted Neighbors Count (TNC), Frequency of Key Changes (FKC) and Length of Temporarily Key (LTK). Each of those variables has a degree of membership $\mu_A(x)$ and a degree of non-membership $\nu_A(x)$, as illustrated below:

1. Nodes count (NC): a counter intuitionistic fuzzy variable that holds the number of nodes currently registered to the WSN, taking two fuzzy values:

a. Small, with $\mu_A(\text{sml})$ and $\nu_A(\text{sml})$

b. Many, with $\mu_A(\text{ma})$ and $\nu_A(\text{ma})$

2. Node log (NL): an intuitionistic fuzzy variable that monitors the history of the node's authentication attempts. This variable takes three values:

a. Good: the node has been registered many times and causes no susceptibility, with $\mu_A(\text{Go})$ and $\nu_A(\text{Go})$

b. Moderate: states that the node has been registered many times but causes a small number of susceptibilities, with $\mu_A(\text{Mod})$ and $\nu_A(\text{Mod})$

c. Bad: declares that the node is a potential risk, either by itself or through a botnet attack, with $\mu_A(\text{Bad})$ and $\nu_A(\text{Bad})$

The node log variable is expressed graphically in Figures 3 and 4.

Figure 3. NL IFR

Figure 4. NL IFR

3. Trusted Neighbors count (TNC): a counter intuitionistic fuzzy variable that keeps track of the number of neighbors within a certain threshold of distance from the node A. This variable takes three values:

a. Little: indicates that the number of neighbors is small, hence the amount of attacks is relatively small; this value is associated with two states, $\mu_A(\text{Lit})$ and $\nu_A(\text{Lit})$

b. Medium: indicates that the number of neighbors is small, hence the amount of attacks is relatively medium; this value is associated with two states, $\mu_A(\text{Med})$ and $\nu_A(\text{Med})$

c. Many: indicates that the number of neighbors is small, hence the amount of attacks is relatively large; this value is associated with two states, $\mu_A(\text{Man})$ and $\nu_A(\text{Man})$

4. Frequency of key Changes (FKC): the frequency of changing the session key, which is an intuitionistic fuzzy variable. Changing the key more frequently is certainly safer and makes the overall security more resilient, but it creates more processing and consumes more resources. This variable handles two values:

a. S: ordinary traffic flow and a small number of changes to the session key; this value is associated with two states, $\mu_A(\text{S})$ and $\nu_A(\text{S})$

b. F: high traffic and fast changing of the session key; this value is associated with two states, $\mu_A(\text{F})$ and $\nu_A(\text{F})$

5. Length of Temporarily Key (LTK): the length of the temporary session key, which is also an intuitionistic fuzzy variable, used for outputting the key length. This variable handles three values:

a. S: the fewest number of bits for a session key, usually 16:64 bits depending on the inputs.
b. M: a moderate number of bits for a session key, usually 64:184 bits depending on the inputs.
c. L: a large number of bits for a session key, usually 184:512 bits depending on the inputs.

The reason for handling and processing those variables is to obtain the desired security by finding the exact value of another variable, Session Key Scale (SKS), with values ranging over (very low, low, normal, high, very high). The table below illustrates the intuitionistic rules applied in each case.


Table 1. IFS Inputs and Outputs 


Intuitionistic fuzzy inputs Output Output 
NC NL TNC FKC LTK SKS Number of bits 

u,(sml) ~ v,(sml) u,(Go) ~ v,(Go) u,(Lit) ~ v (Lit) uw,(S) ~ v,(S) S Very low 12-16 
u,(ma) ~v, (ma) pu,(Mod) ~v, (Mod) u, (Med) ~v (Med) uu, (F) ~ v,(F) M Low 24 - 32 
u,(sml)~v,(sml)  u,(Bad) ~v, (Bad) pu, (Man) ~v (Man) u,(S)~ v,(S) L Normal 48 - 64 
u,(sml) ~v, (sm) u,(Mod) ~v, (Mod) u, (Man) ~v (Man) u,(F) ~ v,(F) M Normal 48 - 64 
u,(ma) ~ v (ma) u,(Go) ~ v (Go) u, (Lit) ~ v (Lit) u,(S) ~ v,(S) S Low 24 - 32 
u,(ma) ~ v (ma) u,(Go) ~ v (Go) u,(Med) ~v (Med) u,(F) ~~ v,(F) S High 128 - 160 
u,(sml) ~v, (sm) u,(Mod) ~v, (Mod) u,(Lit) ~ v (Lit) UCS) ~ v,(S) L Normal 48 - 64 
uw, (sml) ~ v,(sml) u,(Go) ~ v,(Go) u,(Man) ~v,(Man) u,(F) ~ vF) L High 128 - 160 
u,(ma) ~ v (ma) u,(Bad) ~ v (Bad) pu, (Med) ~v (Med) u (S) ~ v,(S) M Very high 256 - 300 
u,(sml)~v,(sml)  u,(Bad) ~v (Bad) u,(Man) ~v (Man) u,(F) ~ v,(F) M Normal 48 - 64 
u,(ma) ~ v (ma) u,(Go) ~ v,(Go) (Lit) ~ v (Lit) u,(S) ~ v,(S) S Very high 256 - 300 
u,(ma) ~v, (ma) pu,(Mod) ~v, (Mod) u,(Med) ~v (Med) u, Œ)~ v,(F) L High 128 - 160 
u,(sml) ~v, (sml) u,(Bad) ~ v (Bad) u,(Lit) ~ v (Lit) u,(S) ~ v,(S) M Low 24 - 32 
u,(ma) ~v, (ma) pu,(Mod) ~v, (Mod) u,(Man) ~v, (Man) uu, (F) ~ v,(F) L High 128 - 160 
u,(ma) ~ v (ma) u,(Go) ~ v,(Go) u,(Med) ~v (Med) u (S)~ v,(S) S Normal 48 - 64 


Table 1 provides the basis for the fuzzification process implementing the IF-Then rules and all of the other steps in the process. The value of the variable SKS determines the fuzzy value for the session key length. The defuzzification process, shown in Table 1, provides the actual length of the session key.


2.2. Key Distribution 

Key distribution can be defined as the process of distributing (cryptographic) keys to different parties. Usually this distribution involves techniques regarded as "out-of-band", i.e. techniques that do not use the channel of later connections to transmit keys. An alternative method of key distribution relies on distributing new keys over the safe distribution of old keys, which is what a KDC does [10].

The standard meaning of distributing keys implies administration over the entire lifetime of the key. Key management and distribution is one part of key administration, which additionally includes key creation, key escrow (for backup purposes), key erasure, key repudiation, key utilization and key trust administration.

Cryptography is likewise used to support the procedures for authenticating entities between sets of nodes. Authentication rules and protocols are about the distribution and administration of secret keys [11]. Key management and distribution in a distributed environment is an application of distributed authentication protocols. Based on this idea, many key distribution and authentication protocols have been proposed.

Generally, all protocols and mechanisms expect that some secret data is initially held by every management unit. Authentication and verification is accomplished by one central node showing the other that it manages that key. All frameworks assume that the environment is highly insecure and open to attack. So any message arriving from a central unit must have its authentication, integrity and freshness confirmed. To accomplish these objectives, most frameworks need to depend on an authentication server, and this server ought to have the following features [12].

Ability: An authentication server generates good-quality session keys and distributes them securely to the requesting principals.

Trustability: The authentication server maintains a table containing a name and a private key for every unit. The secret key is used only to authenticate the unit's actions to the authentication server and to transmit messages securely between client processes and the authentication server [9]. Key distribution and authentication protocols are divided into two categories according to how they assure the authentication of a message. The first category uses a nonce and a challenge/response handshake to check freshness; an example is the Needham-Schroeder protocol. The second category uses timestamps and assumes that all machines in the distributed system are clock-synchronized; an example is the Kerberos protocol [13].


2.2.1. Encryption 

Encryption is the transformation of electronic data from one form into another, known as ciphertext, which is difficult for anyone except authorized units to understand or decrypt. The main goal of encryption is to preserve the secrecy and confidentiality of data files stored digitally or transmitted through the Internet or other computer networks. Modern ciphering algorithms play a crucial part in the security and assurance of electronic communication systems, as they can preserve both confidentiality and the following key security elements [14].

Authenticity: the source of a message can be assured and confirmed. Integrity: proof of whether the message contents have been modified since transmission. Non-repudiation: the originating unit of a message cannot claim that the message does not belong to it [3].

Symmetric ciphers (single-key encryption) are the type of encryption in which all entities share one secret key for both ciphering and deciphering a file. AES is considered one of the most widely used single-key ciphers [9]. Symmetric encryption is faster than asymmetric-key encryption, with the drawback that the sender must somehow transfer the secret key used to encrypt the data to the other unit(s) before they start using that key. This need to securely manage and distribute huge numbers of symmetric keys means that most cryptographic models use a symmetric encryption algorithm to cipher data efficiently and an asymmetric encryption algorithm for secret key transmission [15].

Asymmetric (double-key) cryptography, or public-key cryptography, uses a pair of mathematically related but different keys. The first key is public (available to some or all other units) and the other key is private (secret). A commonly used asymmetric algorithm is RSA, basically because both keys (public and private) can be used to encipher a transmission, while only the key other than the one used to encipher a message can be used to decipher it. This property provides a trusted way of assuring not only integrity but also the confidentiality, non-repudiation and authenticity of an electronic connection [11].


2.2.2. Key Distribution Model 

After deciding the suitable length of the intermediate encryption key, this length must be sent secretly to both nodes asking for communication. To do so, asymmetric encryption must be used. RSA was preferred for the implementation, to obtain the public key and private key of each node within the WSN. These keys are distributed within the handshake protocol when the node first registers to the WSN. The handshake is done with the Cluster Head (CH), which is the node responsible for keeping track of each node of the WSN within its range. If this CH tries to leave the WSN or goes down for any reason, it transmits all of its control information and databases to the node with the highest Node Log in the WSN. Now another problem arises, which is how to distribute the intermediate encryption key. To distribute the session keys safely, a means of hierarchical communication must be used. One of the most famous and practical solutions for hierarchical communication is the PKI. A customized version of the PKI is used in this algorithm, taking three stages as shown in Figure 7.






Figure 7. Key Distribution Model
a) Stage 1: node X tries to gain access to the public key of node Y. This is done in four steps.

1) Step 1 (X requests Y's public key from CH): node X sends a request message to the CH, requesting the public key of node Y. This message is in the form $C_{to}$, which means cipher to (CH):

$$C_{to}(CH) = E_{KU(CH)}\big(E_{KR(X)}(id, Y)\big) \tag{1}$$

This message contains the id of the message, to prevent replay attacks, and the name of node Y. The message is encrypted twice: first with the private key of node X (to assure that it comes from node X, since it cannot be decrypted by any key except X's public key, which is available to the CH), then with CH's public key, which is available to every node in the WSN. The reason for the last encryption is to assure that only CH can open the message, with its private key.

2) Step 2 (CH decrypts X's message): CH receives the message from X and analyzes it by reversing the order of the message, giving $M_{frm}(X)$, which is the message from X. CH first decrypts with its own private key, then with Y's public key.

$$M_{frm}(X) = D_{KR(CH)}\big(E_{KU(X)}(id, Y)\big) \to (id, Y) \tag{2}$$

3) Step 3 (CH sends Y's public key to X): CH encrypts a message in the form

$$C_{to}(X) = E_{KU(X)}\big(E_{KR(CH)}(id, KU(Y))\big) \tag{3}$$

Double encryption in this step serves as encryption of the message and authentication of CH.

4) Step 4 (X retrieves Y's public key from CH's message): X decrypts the message as in the following equation:

$$M_{frm}(CH) = D_{KR(X)}\big(E_{KU(CH)}(id, KU(Y))\big) \to (id, KU(Y)) \tag{4}$$

b) Stage 2: node X asks node Y for communication

1) Step 1 (X sends a communication request to Y): X sends a non-encrypted message to Y including X's public key and an id to declare the timing of the message:

$$M_{to}(Y) = (id, KU(X)) \tag{5}$$

2) Step 2 (Y sends a query to CH): node X sends a request message to the CH, requesting the public key of node Y. This message is in the form $C_{to}$, which means cipher to (CH):

$$C_{to}(CH) = E_{KU(CH)}\big(E_{KR(Y)}(id, KU(X))\big) \tag{6}$$

The message includes the id of the message, to prevent replay attacks, and the public key of node X. This message is encrypted twice: first with node Y's private key, to authenticate Y to CH, then with CH's public key, which prevents any other node from reading the content of the message.

3) Step 3 (CH decrypts Y's message): CH receives the message sent from Y and analyzes it by reversing the order of the message, giving $M_{frm}(Y)$, which is the message from Y:

$$M_{frm}(Y) = D_{KR(CH)}\big(E_{KU(Y)}(id, KU(X))\big) \to (id, KU(X)) \tag{7}$$

4) Step 4 (CH sends X's public key to Y): CH encrypts a message containing the public key of X as a confirmation to Y, in the form

$$C_{to}(Y) = E_{KU(Y)}\big(E_{KR(CH)}(id, KU(Y))\big) \tag{8}$$

5) Step 5 (Y confirms X's public key from CH's message): Y decrypts the message as in the following equation:

$$M_{frm}(CH) = D_{KR(Y)}\big(E_{KU(CH)}(id, KU(X))\big) \to (id, KU(X)) \tag{9}$$

Up to this step, X and Y are both confirmed to each other and to CH. This leads the flow to stage 3, in which they communicate through a common shared key with the size given by the intuitionistic fuzzy model for key distribution mentioned earlier.


c) Stage 3: Establish a connection between X and Y

1) Step 1 (Y sends a confirmation to X): in order to inform X that Y got the confirmation about X from CH, Y sends a message in the form

$$C_{to}(X) = E_{KU(X)}\big(E_{KR(Y)}(id, KU(X))\big) \tag{10}$$

This message contains the public key of X to confirm the acknowledgment about X. The message is encrypted twice: first with the private key of node Y, to authenticate Y to X, then with X's public key, which prevents any other node from reading the content of the message.

2) Step 2 (X decrypts Y's message): X receives the message sent from Y and analyzes it by reversing the order of the message, giving $M_{frm}(Y)$, which is the message from Y:

$$M_{frm}(Y) = D_{KR(X)}\big(E_{KU(Y)}(id, KU(X))\big) \to (id, KU(X)) \tag{11}$$

Now both X and Y are confirmed and authenticated to each other, so they can communicate with a common shared key that will be used for any symmetric encryption technique.

3) Step 3 (X sends the intermediate encryption key to Y): in order to start a private session between X and Y, X sends an intermediate session key (IEK) to Y.

$$C_{to}(Y) = E_{KU(Y)}\big(E_{KR(X)}(id, IEK)\big) \tag{12}$$

This message contains the IEK. It is encrypted twice: first with the private key of node X, to authenticate X to Y, then with Y's public key, which prevents any other node from reading the content of the message.

4) Step 4 (Y extracts the IEK from X's message): Y receives the message sent from X and analyzes it by reversing the order of the message, giving $M_{frm}(Y)$, which is the message from Y:

$$M_{frm}(X) = D_{KR(Y)}\big(E_{KU(X)}(id, IEK)\big) \to (id, IEK) \tag{13}$$

5) Step 5 (Y sends a hello message encrypted with the intermediate encryption key to X): the final step before both nodes can start their communication using the IEK is that Y sends a message encrypted with the symmetric encryption algorithm using the IEK.

$$C_{to}(X) = E_{IEK}(id, \text{"Hello"}) \tag{14}$$

By the time this message arrives at X, it is confirmed that Y got the IEK, so they can start their session using that IEK.

Figure 8. Sequence diagram for communication
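
The Stage 1 exchange (equations 1 to 4) together with the CH's replay check on the message id, as an added example that is not code from the paper. Textbook RSA over fixed Mersenne primes stands in for the paper's RSA so that the block runs on the standard library alone, and it is not secure; the JSON framing, the `claimed_sender` argument, the node named Mallory and all function names are assumptions of this example.

```python
import json

E = 65537  # public exponent shared by all toy keys


def keypair(a, b):
    """Toy RSA key from the Mersenne primes 2**a-1 and 2**b-1 (constructed, not secure)."""
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    return {"KU": (E, n), "KR": (pow(E, -1, (p - 1) * (q - 1)), n)}


def layer(key, data):
    """One E_K(...) layer of the paper's notation: textbook RSA, block by block."""
    exp, n = key
    k = (n.bit_length() + 7) // 8                 # ciphertext block size in bytes
    framed = len(data).to_bytes(4, "big") + data  # length prefix, then zero padding
    framed += b"\0" * (-len(framed) % (k - 1))
    return b"".join(
        pow(int.from_bytes(framed[i:i + k - 1], "big"), exp, n).to_bytes(k, "big")
        for i in range(0, len(framed), k - 1))


def unlayer(key, blob):
    """Remove one layer with the matching key; ValueError when the key does not fit."""
    exp, n = key
    k = (n.bit_length() + 7) // 8
    if not blob or len(blob) % k:
        raise ValueError("not a whole number of blocks for this key")
    try:
        plain = b"".join(
            pow(int.from_bytes(blob[i:i + k], "big"), exp, n).to_bytes(k - 1, "big")
            for i in range(0, len(blob), k))
    except OverflowError:
        raise ValueError("layer did not open") from None
    size = int.from_bytes(plain[:4], "big")
    if size > len(plain) - 4:
        raise ValueError("layer did not open")
    return plain[4:4 + size]


def seal(sender_kr, recipient_ku, msg_id, body):
    """C_to(recipient) = E_KU(recipient)(E_KR(sender)(id, body)), as in eq. (1) and (3)."""
    inner = layer(sender_kr, json.dumps({"id": msg_id, "body": body}).encode())
    return layer(recipient_ku, inner)


def open_sealed(recipient_kr, sender_ku, blob):
    """Own private key first, then the sender's public key, as in eq. (2) and (4)."""
    msg = json.loads(unlayer(sender_ku, unlayer(recipient_kr, blob)))
    return msg["id"], msg["body"]


class ClusterHead:
    def __init__(self, key, directory):
        self.key = key
        self.directory = directory   # node name -> public key stored at registration
        self.seen = set()            # (sender, id) pairs already answered

    def handle_key_request(self, claimed_sender, blob):
        """Stage 1, steps 2 and 3. Returns C_to(X), or None when the request is refused."""
        try:
            sender_ku = self.directory[claimed_sender]
            msg_id, wanted = open_sealed(self.key["KR"], sender_ku, blob)
            wanted_ku = self.directory[wanted]
        except (ValueError, TypeError, KeyError):
            return None              # unknown node, or not sealed with the sender's key
        if (claimed_sender, msg_id) in self.seen:
            return None              # same id again: replayed request
        self.seen.add((claimed_sender, msg_id))
        return seal(self.key["KR"], sender_ku, msg_id, list(wanted_ku))


def demo():
    """Run Stage 1 once, then replay the request and forge one (all keys constructed)."""
    ch_key, x, y = keypair(521, 607), keypair(89, 127), keypair(61, 107)
    mallory = keypair(1279, 2203)    # hypothetical node that is not registered as X
    ch = ClusterHead(ch_key, {"X": x["KU"], "Y": y["KU"]})
    request = seal(x["KR"], ch_key["KU"], 1, "Y")                 # eq. (1)
    reply = ch.handle_key_request("X", request)                   # eq. (2), (3)
    msg_id, ku_y = open_sealed(x["KR"], ch_key["KU"], reply)      # eq. (4)
    replayed = ch.handle_key_request("X", request)
    forged = ch.handle_key_request("X", seal(mallory["KR"], ch_key["KU"], 2, "Y"))
    return {"id": msg_id, "got_y_key": tuple(ku_y) == y["KU"],
            "replayed": replayed, "forged": forged}


if __name__ == "__main__":
    print(demo())
```

The two layers use moduli of different sizes, so each layer re-blocks the output of the one below it; a real deployment would use a padded signature scheme and padded encryption from a vetted library instead of raw modular exponentiation.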


3. RESULTS AND ANALYSIS 
During the implementation of this research a set of experiments was performed and a set of experimental results recorded. The first type of experiment compares different tools and methods of deciding the size of the intermediate session key, as discussed in section 3.1. Section 3.2 covers the other set of experiments, on the key distribution methods. This section compares the results of applying the proposed model with some algorithms and models used to provide the same functionality.
To compare the different algorithms, two criteria are used in each case.
1. Processing time: the time required by the algorithm to process the nodes under consideration, in other words the time required to evaluate the mathematical and logical operations required by the algorithm.
2. Gained security level: the level of security provided by each algorithm. This criterion is measured by monitoring two indicators:
a. False rejection: number of non-attacker nodes which the model rejected or eliminated.
b. False acceptance: number of attacker nodes which the algorithm did not discover.


3.1. Intuitionistic Fuzzy Model (Key Size) 

The key size determination function is the first step in the proposed model. The results of the intuitionistic implementation were compared to two well-known algorithms in the field, KNN and a fuzzy implementation. Results were monitored and recorded in each case with regard to the two applied criteria.


3.1.1. Processing Time 

The time it takes the model to generate the key is referred to as the processing time. Its importance differs from one environment to another: some applications are delay tolerant, like mail transmission and FTP, whereas other environments, such as real-time environments, do not tolerate any delay. The concern of this research is the first type, delay-tolerant applications. At the same time, the processing time must be bounded and reasonable in order to keep the processing capabilities intact and healthy. These results are in milliseconds and are shown in Figure 9.


Figure 9. ASL of Intuitionistic Fuzzy vs. Non-intuitionistic Fuzzy Classification (series: KNN, fuzzy function, intuitionistic fuzzy; x-axis: number of nodes)


Figure 9 shows that the processing time of the intuitionistic fuzzy function is larger for a small number of units, which is logical given the number of parameters handled and the computation time required. As the system grows and the number of units increases, the proposed model outperforms the two other algorithms with respect to processing time.


3.1.2. Gained security level: 


The gained security levels of the three models are measured in terms of false acceptances and false rejections and are shown in Tables 2 and 3.


Table 2. False Acceptance of Intuitionistic Fuzzy vs. Fuzzy Function vs. KNN

| False acceptance / No. nodes | 10 | 15 | 25 | 50 | 75 | 100 | 175 | 200 | 225 | 250 |
|---|---|---|---|---|---|---|---|---|---|---|
| Non fuzzy KNN | 2 | 5 | 8 | 12 | 18 | 2 | 45 | 55 | 60 | 70 |
| Fuzzy function | 2 | 5 | 9 | 11 | 17 | 2 | 39 | 48 | 52 | 67 |
| Intuitionistic fuzzy function | 1 | 3 | 4 | 7 | 8 | 10 | 17 | 22 | 25 | 90 |


Table 3. False Reject of Intuitionistic Fuzzy vs. Fuzzy Function vs. KNN

| False reject / No. nodes | 10 | 15 | 25 | 50 | 75 | 100 | 175 | 200 | 225 | 250 |
|---|---|---|---|---|---|---|---|---|---|---|
| Non fuzzy KNN | 1 | 2 | 3 | 6 | 9 | 10 | 15 | 20 | 23 | 28 |
| Fuzzy function | 2 | 3 | 4 | 7 | 8 | 9 | 11 | 14 | 16 | 19 |
| Intuitionistic fuzzy function | 1 | 2 | 2 | 3 | 4 | 4 | 6 | 7 | 9 | 9 |


Tables 2 and 3 show how intuitionistic fuzzy decision making for the size of the key outperforms the other two models by a very significant ratio in both false acceptances and false rejections. This superiority justifies the time delay observed for a small number of units.

3.2. Key Distribution Model

The most important step in the proposed algorithm, which is the decision of the key size, is done with its experiments, and it has been shown that the intuitionistic fuzzy model outperforms the other two alternatives. Now it is time to examine the next stage in the model, which is the distribution of the key. One way is to provide each of the units with the IEK directly through the CH, which will be referred to as DCH; the other alternative is to use the infrastructure provided by the algorithm shown in the proposed model, which will be referred to as IPM. In this section both paradigms are compared in terms of the two common criteria.


3.2.1. Processing Time 
The processing time for both mechanisms is measured in milliseconds and shown in Figure 10. 


Figure 10. Security of DCH vs. IPM (series: DCH, IPM; y-axis: processing time; x-axis: number of nodes)


Figure 10 shows one weakness of the proposed model, which is that it takes more time to distribute the key. In fact this amount of time is obviously still negligible in view of the security provided by the proposed model.


3.2.2. Gained Security Level 


Another important criterion that must be considered while developing any solution for a security 
model is the gained security of the implementation. Since the algorithm is capable of deciding whether to 
accept or reject a node and alter its log variable, the gained security has to be taken into consideration. The 
next tables show the number of false acceptances and false rejects produced by the key distribution 
scenarios. 


Table 4. False Acceptance of DCH vs. IPM 

No. nodes               10  15  25  50  75  100  175  200  225  250 
False acceptance  DCH    1   3   8  15  21   30   48   57   62   65 
False acceptance  IPM    1   3   4   6  11   14   18   19   21   23 


Table 5. False Acceptance of DCH vs. IPM 

No. nodes           10  15  25  50  75  100  175  200  225  250 
False reject  DCH    1   2   4   8  10   12   18   22   25   30 
False reject  IPM    1   2   3   4   6    7    7    8    8    9 


Tables 4 and 5 show that IPM provides far better security levels than DCH in both 
cases, whether the decision is to accept a node or to reject it. For rejection in particular, IPM provides 
semi-stable performance as the number of nodes continues to grow, unlike the decaying performance of 
DCH, which produces more false rejects and false acceptances than IPM. 


4. CONCLUSION 
The importance of the WSN comes from the fact that it could replace human existence in dangerous 
and hostile environments. WSN provides a scalable, easy-to-implement and very resilient infrastructure. 
This research provides a novel model for securing the WSN by making sure that the intermediate encryption 
key is used for short periods and distributed safely. The model can be viewed as a two-phase 
paradigm. The first phase decides the number of bits required for the IEK according to the current network 
conditions; this number of bits is passed to the second phase, which is the key distribution model. In the 
latter phase each unit tries to make sure that it will communicate with the right unit, which is done by 
communicating securely with a trusted third unit called the CH. The experimental results of this 
research can also be divided into two categories. The first handles the key size determination, in which 
the research shows that the use of the intuitionistic fuzzy model increases the security levels significantly, 
whereas it adds a small increment in processing time that is relatively small 
compared to the advancement in security levels. The other category of the experimental results handles the 
IEK distribution model, in which IPM shows an advancement in the security levels that outweighs the delay it 
introduces in processing time. For future research we are looking forward to applying some colony 
classification such as bee or whale to decide the key size. Additionally, we will implement an elliptic curve 
strategy for key distribution. 
APPENDIX 


Algorithm 1: Key Size generation by using Intuitionistic fuzzy model 
Input: Node Count (NC), Node Log (NL), Trusted Neighbors Count (TNC), Frequency of key Changes 
(FKC) and Length of Temporarily Key (LTK) 
Output: length of the intermediate encryption key (in bits) (IEK) 
For each input variable: 
    Calculate μA(X) and νA(X) 
    Apply Intuitionistic fuzzy system conductive IF-Then rules 
End 


Algorithm 2: Key Distribution 
Input: intermediate encryption key (in bits) (IEK) 
Output: Key distributed 
// Stage 1 
1. X sends a message to CH: C_to(CH) = E_KU(CH)(E_KR(X)(id, Y)) 
2. CH receives the message and analyzes it: M_frm(X) = D_KR(CH)(E_KU(X)(id, Y)) → (id, Y) 
3. If decryption error or id is obsolete: 
       Increase NL(X) // consider attack 
       Discard the message 
   Else search entire DB for KU(Y) 
4. If KU(Y) does not exist: 
       Send an error message to X 
   Else send a message to X containing Y’s KU: C_to(X) = E_KU(X)(E_KR(CH)(id, KU(Y))) 
5. CH receives the message and analyzes it: M_frm(CH) = D_KR(CH)(E_KU(X)(id, KU(Y))) → (id, KU(Y)) 
6. If decryption error or id is obsolete: 
       Discard the message 
   Else store Y’s public key and pass it to stage 2 
// Stage 2 
7. X sends a message to Y: M_to(Y) = (id, KU(X)) 
8. Y receives the message and analyzes it: (id, KU(X)) 
9. If id is obsolete: 
       Discard the message 
   Else Y sends a query to CH: C_to(CH) = E_KU(CH)(E_KR(Y)(id, KU(X))) 
10. If decryption error or id is obsolete: 
       Discard the message 
       Increase NL(Y) // consider attack 
    Else search entire DB for KU(X) 
11. If KU(X) does not exist: 
       Send an error message to Y 
    Else send a message to Y containing X’s KU: C_to(Y) = E_KU(Y)(E_KR(CH)(id, KU(X))) 
12. Y confirms X’s public key from CH’s message: M_frm(CH) = D_KR(CH)(E_KU(Y)(id, KU(X))) 
13. If decryption error or id is obsolete: 
       Discard the message 
// Stage 3 
14. Y sends a confirmation to X: C_to(X) = E_KU(X)(E_KR(Y)(id, KU(X))) 
15. X decrypts Y’s message: (id, KU(X)) 
16. If id is obsolete: 
       Discard the message 
    Else 
       X sends the intermediate encryption key to Y: C_to(Y) = E_KU(Y)(E_KR(X)(id, IEK)) 
17. Y extracts the IEK of the message from X: M_frm(X) = D_KR(Y)(E_KU(X)(id, IEK)) → (id, IEK) 
18. If decryption error or id is obsolete: 
       Discard the message 
    Else store IEK 
19. Y sends a hello message encrypted with IEK: C_to(X) = E_IEK(id, "Hello") 
20. X decrypts the message, obtaining the id and "Hello", confirming the IEK 
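
The cluster-head side of Stage 1 (steps 1 to 4 of Algorithm 2), written out as an added example that is not the authors' code. It assumes that "id" is a per-sender increasing counter (the paper does not define "obsolete"), uses toy unpadded RSA over Mersenne primes as a stand-in for the asymmetric cipher, invents the `REQ:id:peer` payload encoding, and returns CH's reply in the clear instead of encrypting it back to X.

```python
# Added illustration: toy, unpadded textbook RSA over Mersenne primes. NOT secure.
E = 65537

def keypair(p, q):
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def mersenne(k):                  # prime for k = 61, 89, 107, 127
    return 2**k - 1

# Constructed keys; n_X < n_CH so the signed value fits under CH's modulus.
KEYS = {"X": keypair(mersenne(61), mersenne(89)),
        "CH": keypair(mersenne(107), mersenne(127))}
DB = {"Y": "KU(Y)-placeholder"}   # CH's public-key database (constructed)
NL = {"X": 0}                     # node log: count of suspicious events
LAST_ID = {"X": 0}                # assumption: id is a per-sender counter

def x_request(msg_id, peer):
    """Step 1: C_to(CH) = E_KU(CH)(E_KR(X)(id, Y))."""
    m = int.from_bytes(f"REQ:{msg_id}:{peer}".encode(), "big")
    inner = pow(m, KEYS["X"]["d"], KEYS["X"]["n"])     # E_KR(X)
    return pow(inner, E, KEYS["CH"]["n"])              # E_KU(CH)

def ch_handle(c, sender="X"):
    """Steps 2-4 at the cluster head; returns (status, detail)."""
    inner = pow(c, KEYS["CH"]["d"], KEYS["CH"]["n"])   # D_KR(CH)
    m = pow(inner, E, KEYS[sender]["n"])               # check against KU(X)
    parts = m.to_bytes((m.bit_length() + 7) // 8, "big").split(b":")
    if len(parts) != 3 or parts[0] != b"REQ" or not parts[1].isdigit():
        NL[sender] += 1                                # step 3: consider attack
        return ("discarded", "decryption error")
    msg_id, peer = int(parts[1]), parts[2].decode(errors="replace")
    if msg_id <= LAST_ID[sender]:                      # replayed or stale id
        NL[sender] += 1
        return ("discarded", "obsolete id")
    LAST_ID[sender] = msg_id
    if peer not in DB:                                 # step 4
        return ("error", "unknown peer")
    return ("ok", DB[peer])
```

Replaying a captured ciphertext or altering it in transit both end in a discard plus an NL(X) increment, which is the signal the key-size model consumes as the Node Log input.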